<?php
	//Authentication
	if(!defined('FORGOT_PWD_SERVICE')){
		$url="../Index.php";
		include_once '../Tool/Common/Redirect.php';
		exit();
	}

	define('CONFIG_FILE',true);
    include '../config.php';
    
	define('DB_FILE',true);
	require_once '../Tool/DB/SqlDBManager.class.php';

	define('EMAIL_FILE',true);
	require_once '../Tool/Mail/mail.class.php';
	require_once '../Classes/User.class.php';
	
	class ForgotPwdService{
		
		public function retrieveUserByUserName($username){
			//create SqlDBManager object
			$sqlDBManager = new SqlDBManager();			
			
			$sql="select * from user where Username=?";
			$parameters = array($username);
		
			//get result
			$res=$sqlDBManager->queryRow($sql,$parameters);

			if(!empty($res)){
				$user = new User();
				$user ->setUserName($res['Username']);
				$user ->setPwd($res['Password']);
				$user ->setUserType($res['UserType']);
				$user ->setStaffName($res['StaffName']);
				$user ->setCentreID($res['CentreId']);
				$user ->setContactNo($res['ContactNumber']);
				$user ->setEmail($res['Email']);
				return $user; // indicates user exists
			}
			
			//close connection
			$sqlDBManager->close_connect();
				
			return ""; //indicates user not exists
		}
		
		public function retrieveUserByEmail($email){	
			//create SqlDBManager object
			$sqlDBManager = new SqlDBManager();		

			$sql="select * from user where Email=?";
			$parameters = array($email);

			//get result
			$res=$sqlDBManager->queryRow($sql,$parameters);

			if(!empty($res)){
				$user = new User();
				$user ->setUserName($res['Username']);
				$user ->setPwd($res['Password']);
				$user ->setUserType($res['UserType']);
				$user ->setStaffName($res['StaffName']);
				$user ->setCentreID($res['CentreId']);
				$user ->setContactNo($res['ContactNumber']);
				$user ->setEmail($res['Email']);
				return $user; // indicates user exists
			}
			
			//close connection
			$sqlDBManager->close_connect();
				
			return ""; //indicates user not exists
		}

		public function retrieveTokenKeyInfo($tokenKey,$hashValue){	
			//create SqlDBManager object
			$sqlDBManager = new SqlDBManager();		

			$sql="select ExpireTime,Expired from token where TokenKey=? and hashValue=?";
			$parameters = array($tokenKey,$hashValue);

			//get result
			$res=$sqlDBManager->queryRow($sql,$parameters);

			if(!empty($res)){
				return $res; // indicates user exists
			}
			
			//close connection
			$sqlDBManager->close_connect();
				
			return ""; //indicates user not exists
		}
		
		public function updatePwdByEmailAddress($emailAddress,$newPassword){			
			//create SqlDBManager object
			$sqlDBManager = new SqlDBManager();

			$sql="update user set Password= ? where Email=?";
			$parameters = array($newPassword,$emailAddress);
			
			//get result
			$res=$sqlDBManager->execute_dml($sql,$parameters);
		
			if($res>0){
				return true; // indicates user exists
			}
				
			//close connection
			$sqlDBManager->close_connect();
		
			return false;
		}	

		public function insertTokenKey($tokenKey,$expireTime,$expired,$hashValue){
			//create SqlDBManager object
			$sqlDBManager = new SqlDBManager();

			$sql="INSERT INTO Token (TokenKey,ExpireTime,Expired,hashValue) values (?,?,?,?)";
			$parameters = array($tokenKey,$expireTime,$expired,$hashValue);
			
			//get result
			$res=$sqlDBManager->execute_dml($sql,$parameters);

			if($res>0){
				return true; // indicates insert success
			}
			
			//close connection
			$sqlDBManager->close_connect();
		}

		public function updateTokenByTokenKey($tokenKey){			
			//create SqlDBManager object
			$sqlDBManager = new SqlDBManager();

			$sql="update token set ExpireTime= ?, Expired=? where TokenKey=?";
			$expireTime=date('Y-m-d H:i:s',time());
			$expired=1;
			$parameters = array($expireTime,$expired,$tokenKey);
			
			//get result
			$res=$sqlDBManager->execute_dml($sql,$parameters);
		
			if($res>0){
				return true; // indicates user exists
			}
				
			//close connection
			$sqlDBManager->close_connect();
		
			return false;
		}

		public function sendTokenKey($receiverAddress,$tokenKey,$hashValue,$expireTime){
			//Create a Mail class
			$mail = new Mail();
					
			//Email content

			$search=array("{expireTime}", "{TokenKey}", "{URL}");
			$url="<a href=\"".TOKEN_URL."/Token.php?hashValue=".$hashValue."\">".TOKEN_URL."Token.php?hashValue=".$hashValue."</a>";
			$replace = array($expireTime, $tokenKey, $url);

			$content=file_get_contents("../Tool/Mail/Tokencontents.html");
			$msg=str_replace($search,$replace,$content);			

			$subject="Token Key";
			//Send
			$res=$mail->mailPassword($receiverAddress,$msg,$subject);
			
			//Return send email result.
			return $res;
		}

		public function sendNewPwd($receiverAddress,$newPassword){
			//Create a Mail class
			$mail = new Mail();
			
			//Retrieve receiver address
			$receiverAddress=$receiverAddress;
					
			//Email content
			$content=file_get_contents("../Tool/Mail/contents.html");
			$msg= str_replace("{newPassword}",$newPassword,$content);
			
			$subject="New Password";
			//Send
			$res=$mail->mailPassword($receiverAddress,$msg,$subject);
			
			//Return send email result.
			return $res;
		}
	}
	
?>